Title: Low Level Security Warning
Last modified: February 25, 2026

---

# Low Level Security Warning

 *  Resolved [birdhousedigital](https://wordpress.org/support/users/birdhousedigital/)
 * (@birdhousedigital)
 * [3 months, 2 weeks ago](https://wordpress.org/support/topic/low-level-security-warning/)
 * Hi,
 * I love this plugin and use it on several sites. At the moment I’m getting a warning
   that the plugin is insecure. [https://patchstack.com/database/wordpress/plugin/simply-gallery-block/vulnerability/wordpress-simply-gallery-plugin-3-2-8-cross-site-scripting-xss-vulnerability](https://patchstack.com/database/wordpress/plugin/simply-gallery-block/vulnerability/wordpress-simply-gallery-plugin-3-2-8-cross-site-scripting-xss-vulnerability)
   Is there a timeline for a fix for this?
 * Thanks,

Viewing 3 replies - 1 through 3 (of 3 total)

 *  Plugin Support [Nadiya – SG Support](https://wordpress.org/support/users/wpdexterity/)
 * (@wpdexterity)
 * [3 months, 2 weeks ago](https://wordpress.org/support/topic/low-level-security-warning/#post-18833238)
 * Hello, we did see this message, but unfortunately the author of the report is
   currently not responding to us despite multiple attempts to reach out through
   Patchstack. Because of this, we do not have access to the report details and 
   therefore cannot verify or fix the issue yet.
 * From my side, I can only assume that this may be related to Contributor-level
   permissions — for example, if users with the Contributor role on your site attempted
   to add harmful links or scripts through gallery content, that could potentially
   create a problem. However, until Patchstack restores our access to the report,
   we are unable to properly investigate or close the issue on their platform.
 * We are keeping this on our radar and continue to request access periodically.
   Unfortunately, unlike reports coming from the official WordPress Plugin Directory
   team — where volunteers send issues to developers through a centralized WordPress
   infrastructure — communication with independent researchers can sometimes be 
   much more complicated.
 *  Plugin Support [Nadiya – SG Support](https://wordpress.org/support/users/wpdexterity/)
 * (@wpdexterity)
 * [3 months, 2 weeks ago](https://wordpress.org/support/topic/low-level-security-warning/#post-18835705)
 * Please update the plugin to the latest version, and this vulnerability will no
   longer affect you.
 *  Thread Starter [birdhousedigital](https://wordpress.org/support/users/birdhousedigital/)
 * (@birdhousedigital)
 * [3 months, 1 week ago](https://wordpress.org/support/topic/low-level-security-warning/#post-18837061)
 * Thank you!

Viewing 3 replies - 1 through 3 (of 3 total)

You must be [logged in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Flow-level-security-warning%2F%3Foutput_format%3Dmd&locale=en_US)
to reply to this topic.

 * ![](https://ps.w.org/simply-gallery-block/assets/icon-256x256.png?rev=2543539)
 * [Mixed Media Gallery Blocks](https://wordpress.org/plugins/simply-gallery-block/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/simply-gallery-block/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/simply-gallery-block/)
 * [Active Topics](https://wordpress.org/support/plugin/simply-gallery-block/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/simply-gallery-block/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/simply-gallery-block/reviews/)

 * 4 replies
 * 2 participants
 * Last reply from: [birdhousedigital](https://wordpress.org/support/users/birdhousedigital/)
 * Last activity: [3 months, 1 week ago](https://wordpress.org/support/topic/low-level-security-warning/#post-18837061)
 * Status: resolved